Nuprl Lemma : pv11

Nuprl Lemma : pv11_p1-ilf

(∀[loc:Id]. ∀[accpts:bag(Id)]. ∀[Cmd:{T:Type| valueall-type(T)} ]. ∀[mf:pv11_p1_headers_type{i:l}(Cmd)].
∀[es:EO+(Message(mf))]. ∀[e:E]. ∀[d:ℤ]. ∀[i:Id]. ∀[m:Message(mf)].

   {<d, i, m> ∈ ((pv11_p1_scout_output(Cmd;accpts;mf) (pv11_p1_init_ballot_num() loc) o pv11_p1_p1b'base(Cmd;mf)) o

                pv11_p1_ScoutState(Cmd;accpts;mf) (pv11_p1_init_ballot_num() loc))(e)
   ⇐⇒ ((header(e) = ``pv11_p1 p1b`` ∈ Name)
       ∧ has-es-info-type(es;e;mf;Id
         × pv11_p1_Ballot_Num()
         × pv11_p1_Ballot_Num()
         × ((pv11_p1_Ballot_Num() × ℤ × Cmd) List)))
       ∧ ((pv11_p1_init_ballot_num() loc) = (fst(snd(msgval(e)))) ∈ pv11_p1_Ballot_Num())
       ∧ (d = 0 ∈ ℤ)
       ∧ (i = loc(e) ∈ Id)
       ∧ (↓(((pv11_p1_init_ballot_num() loc) = (fst(snd(snd(msgval(e))))) ∈ pv11_p1_Ballot_Num())

           ∧ #(fst(pv11_p1_ScoutStateFun(Cmd;accpts;mf;pv11_p1_init_ballot_num() loc;es;e))) < pv11_p1_threshold(accpts)

∧ (m
= make-Msg(``pv11_p1 adopted``;<pv11_p1_init_ballot_num() loc

                                            , snd(pv11_p1_ScoutStateFun(Cmd;accpts;mf;pv11_p1_init_ballot_num()

                                                                                      loc;es;e))

>)
∈ Message(mf)))

           ∨ ((¬((pv11_p1_init_ballot_num() loc) = (fst(snd(snd(msgval(e))))) ∈ pv11_p1_Ballot_Num()))

∧ (m = make-Msg(``pv11_p1 preempted``;fst(snd(snd(msgval(e))))) ∈ Message(mf))))})

∧ (∀[z3:ℤ]. ∀[z1:pv11_p1_Ballot_Num()]. ∀[reps,accpts:bag(Id)]. ∀[Cmd:{T:Type| valueall-type(T)} ]. ∀[z4:Cmd].

   ∀[mf:pv11_p1_headers_type{i:l}(Cmd)]. ∀[es:EO+(Message(mf))]. ∀[e:E]. ∀[d:ℤ]. ∀[i:Id]. ∀[m:Message(mf)].

     {<d, i, m> ∈ ((pv11_p1_commander_output(Cmd;accpts;reps;mf) <z1, z3, z4> o pv11_p1_p2b'base(Cmd;mf)) o pv11_p1_Comm\000CanderState(Cmd;accpts;mf) z1 z3)(e)

⇐⇒ ((header(e) = ``pv11_p1 p2b`` ∈ Name)
∧ has-es-info-type(es;e;mf;Id × pv11_p1_Ballot_Num() × ℤ × pv11_p1_Ballot_Num()))

         ∧ ((z1 = (fst(snd(msgval(e)))) ∈ pv11_p1_Ballot_Num()) ∧ (z3 = (fst(snd(snd(msgval(e))))) ∈ ℤ))

         ∧ (d = 0 ∈ ℤ)
         ∧ (↓((z1 = (snd(snd(snd(msgval(e))))) ∈ pv11_p1_Ballot_Num())
             ∧ #(pv11_p1_CommanderStateFun(Cmd;accpts;mf;z1;z3;es;e)) < pv11_p1_threshold(accpts)
             ∧ i ↓∈ reps
             ∧ (m = make-Msg([decision];<z3, z4>) ∈ Message(mf)))
             ∨ ((¬(z1 = (snd(snd(snd(msgval(e))))) ∈ pv11_p1_Ballot_Num()))
               ∧ (i = loc(e) ∈ Id)

               ∧ (m = make-Msg(``pv11_p1 preempted``;snd(snd(snd(msgval(e))))) ∈ Message(mf))))})

∧ (∀[loc:Id]. ∀[param:pv11_p1_Ballot_Num()]. ∀[accpts:bag(Id)]. ∀[Cmd:{T:Type| valueall-type(T)} ].

   ∀[mf:pv11_p1_headers_type{i:l}(Cmd)]. ∀[es:EO+(Message(mf))]. ∀[e:E]. ∀[d:ℤ]. ∀[i:Id]. ∀[m:Message(mf)].

     {<d, i, m> ∈ ((pv11_p1_scout_output(Cmd;accpts;mf) (pv11_p1_upd_bnum() param loc) o pv11_p1_p1b'base(Cmd;mf)) o

                  pv11_p1_ScoutState(Cmd;accpts;mf) (pv11_p1_upd_bnum() param loc))(e)
     ⇐⇒ ((header(e) = ``pv11_p1 p1b`` ∈ Name)
         ∧ has-es-info-type(es;e;mf;Id
           × pv11_p1_Ballot_Num()
           × pv11_p1_Ballot_Num()
           × ((pv11_p1_Ballot_Num() × ℤ × Cmd) List)))
         ∧ ((pv11_p1_upd_bnum() param loc) = (fst(snd(msgval(e)))) ∈ pv11_p1_Ballot_Num())
         ∧ (d = 0 ∈ ℤ)
         ∧ (i = loc(e) ∈ Id)
         ∧ (↓(((pv11_p1_upd_bnum() param loc) = (fst(snd(snd(msgval(e))))) ∈ pv11_p1_Ballot_Num())
             ∧ #(fst(pv11_p1_ScoutStateFun(Cmd;accpts;mf;pv11_p1_upd_bnum() param

                                                         loc;es;e))) < pv11_p1_threshold(accpts)

∧ (m
= make-Msg(``pv11_p1 adopted``;<pv11_p1_upd_bnum() param loc

                                              , snd(pv11_p1_ScoutStateFun(Cmd;accpts;mf;pv11_p1_upd_bnum() param

                                                                                        loc;es;e))

>)
∈ Message(mf)))

             ∨ ((¬((pv11_p1_upd_bnum() param loc) = (fst(snd(snd(msgval(e))))) ∈ pv11_p1_Ballot_Num()))

               ∧ (m = make-Msg(``pv11_p1 preempted``;fst(snd(snd(msgval(e))))) ∈ Message(mf))))})

∧ (∀[Cmd:{T:Type| valueall-type(T)} ]. ∀[accpts,ldrs:bag(Id)]. ∀[ldrs_uid:Id ─→ ℤ]. ∀[reps:bag(Id)].

   ∀[mf:pv11_p1_headers_type{i:l}(Cmd)]. ∀[es:EO+(Message(mf))]. ∀[e:E]. ∀[d:ℤ]. ∀[i:Id]. ∀[m:Message(mf)].

{<d, i, m> ∈ pv11_p1_main(Cmd;accpts;ldrs;ldrs_uid;reps;mf)(e)
⇐⇒ ↓(loc(e) ↓∈ ldrs

          ∧ ((((((d = 0 ∈ ℤ) ∧ (m = make-Msg(``pv11_p1 p1a``;<loc(e), pv11_p1_init_ballot_num() loc(e)>) ∈ Message(mf)) \000C∧ i ↓∈ accpts)

            ∧ (↑first(e)))
            ∨ ((no ((pv11_p1_scout_output(Cmd;accpts;mf) (pv11_p1_init_ballot_num() loc(e)) o
                    pv11_p1_p1b'base(Cmd;mf)) o pv11_p1_ScoutState(Cmd;accpts;mf)

                                                (pv11_p1_init_ballot_num() loc(e))) prior to e)

              ∧ <d, i, m> ∈ {((pv11_p1_scout_output(Cmd;accpts;mf) (pv11_p1_init_ballot_num() loc(e)) o

                              pv11_p1_p1b'base(Cmd;mf)) o pv11_p1_ScoutState(Cmd;accpts;mf)

                                                          (pv11_p1_init_ballot_num() loc(e)))}(e)))

            ∨ (∃e':{e':E| e' ≤loc e }
                ∃z1:pv11_p1_Ballot_Num()
                 ∃z3:ℤ
                  ∃z4:Cmd

                   (((((header(e') = [propose] ∈ Name) ∧ has-es-info-type(es;e';mf;ℤ × Cmd))

                   ∧ ((↑(fst(snd(pv11_p1_LeaderStateFun(Cmd;ldrs_uid;mf;es;e')))))
                     ∧ (¬↑(pv11_p1_in_domain(Cmd) (fst(msgval(e')))
                           (snd(snd(pv11_p1_LeaderStateFun(Cmd;ldrs_uid;mf;es;e')))))))

                   ∧ (z1 = (fst(pv11_p1_LeaderStateFun(Cmd;ldrs_uid;mf;es;e'))) ∈ pv11_p1_Ballot_Num())

∧ (<z3, z4> = msgval(e') ∈ (ℤ × Cmd)))
∨ (((header(e') = ``pv11_p1 adopted`` ∈ Name)

                      ∧ has-es-info-type(es;e';mf;pv11_p1_Ballot_Num() × ((pv11_p1_Ballot_Num() × ℤ × Cmd) List)))

                     ∧ ((fst(msgval(e'))) = (fst(pv11_p1_LeaderStateFun(Cmd;ldrs_uid;mf;es;e'))) ∈ pv11_p1_Ballot_Num())

                     ∧ ((<z3, z4> ↓∈ snd(snd(pv11_p1_LeaderStateFun(Cmd;ldrs_uid;...;...;...))) ∧ ...) ∨ ...)

                     ∧ ...))
                   ∧ ...)))
            ∨ ...))
          ∨ ...})

Proof

Definitions occuring in Statement : pv11_p1_main: pv11_p1_main(Cmd;accpts;ldrs;ldrs_uid;reps;mf), pv11_p1_LeaderStateFun: pv11_p1_LeaderStateFun(Cmd;ldrs_uid;mf;es;e), pv11_p1_scout_output: pv11_p1_scout_output(Cmd;accpts;mf), pv11_p1_ScoutStateFun: pv11_p1_ScoutStateFun(Cmd;accpts;mf;x;es;e), pv11_p1_ScoutState: pv11_p1_ScoutState(Cmd;accpts;mf), pv11_p1_commander_output: pv11_p1_commander_output(Cmd;accpts;reps;mf), pv11_p1_CommanderStateFun: pv11_p1_CommanderStateFun(Cmd;accpts;mf;x;zzs;es;e), pv11_p1_CommanderState: pv11_p1_CommanderState(Cmd;accpts;mf), pv11_p1_AcceptorStateFun: pv11_p1_AcceptorStateFun(Cmd;ldrs_uid;mf;es;e), pv11_p1_init_ballot_num: pv11_p1_init_ballot_num(), pv11_p1_p2b'base: pv11_p1_p2b'base(Cmd;mf), pv11_p1_p1b'base: pv11_p1_p1b'base(Cmd;mf), pv11_p1_threshold: pv11_p1_threshold(accpts), pv11_p1_in_domain: pv11_p1_in_domain(Cmd), pv11_p1_pmax: pv11_p1_pmax(Cmd;ldrs_uid), pv11_p1_headers_type: pv11_p1_headers_type{i:l}(Cmd), pv11_p1_lt_bnum: pv11_p1_lt_bnum(ldrs_uid), pv11_p1_upd_bnum: pv11_p1_upd_bnum(), pv11_p1_is_bnum: pv11_p1_is_bnum(), pv11_p1_Ballot_Num: pv11_p1_Ballot_Num(), msg-interface: Interface, make-Msg: make-Msg(hdr;val), es-info-body: msgval(e), has-es-info-type: has-es-info-type(es;e;f;T), es-header: header(e), Message: Message(f), eclass2: (X o Y), eclass1: (f o X), no-classrel-in-interval: (no X between start and e), no-prior-classrel: (no X prior to e), classrel: v ∈ X(e), eo-forward: eo.e, event-ordering+: EO+(Info), es-le: e ≤loc e' , es-first: first(e), es-loc: loc(e), es-E: E, Id: Id, name: Name, l_member: (x ∈ l), cons: [a / b], nil: [], list: T List, valueall-type: valueall-type(T), assert: ↑b, less_than: a < b, uall: ∀[x:A]. B[x], guard: {T}, pi1: fst(t), pi2: snd(t), exists: ∃x:A. B[x], iff: P ⇐⇒ Q, not: ¬A, squash: ↓T, or: P ∨ Q, and: P ∧ Q, set: {x:A| B[x]} , apply: f a, function: x:A ─→ B[x], pair: <a, b>, product: x:A × B[x], natural_number: $n, int: ℤ, token: "$token", universe: Type, equal: s = t ∈ T, bag-member: x ↓∈ bs, bag-size: #(bs), bag: bag(T)
Lemmas : sq_stable__and, equal_wf, cons_wf_listp, nil_wf, listp_wf, vatype_wf, cons_wf, pv11_p1_Ballot_Num_wf, list_wf, equal-wf-T-base, sq_stable__equal, squash_wf, int_seg_wf, length_wf, name_wf, pv11_p1_headers_wf, l_all_iff, l_member_wf, pv11_p1_headers_fun_wf, cons_member, equal-wf-base, iff_weakening_equal, classrel_wf, msg-interface_wf, eclass2_wf, eclass1_wf, bag_wf, pv11_p1_p1b'base_wf, pv11_p1_scout_output_wf, pv11_p1_init_ballot_num_wf, pv11_p1_ScoutState_wf, make-msg-interface_wf, es-E_wf, event-ordering+_subtype, event-ordering+_wf, Message_wf, subtype_rel_dep_function, pv11_p1_headers_type_wf, valueall-type_wf, Id_wf, iff_transitivity, iff_weakening_uiff, eclass2-eclass1-classrel, base-classrel-equal, subtype_rel_weakening, ext-eq_weakening, pv11_p1_ScoutState-classrel, has-es-info-type_wf, es-info-body_wf, pv11_p1_ScoutStateFun_wf, exists_wf, bag-member_wf, es-loc_wf, es-header_wf, bag-member-spread-to-pi, bag-member-ifthenelse, empty-bag_wf, pv11_p1_eq_bnums_wf, ifthenelse_functionality_wrt_iff, false_wf, bag-member-empty-weak, bag-member-single-weak, single-bag_wf, pv11_p1_adopted'send_wf, ifthenelse-false-right, bool_wf, eqtt_to_assert, pv11_p1_eq_bnums-assert, lt_int_wf, bag-size_wf, nat_wf, pv11_p1_threshold_wf, assert_of_lt_int, eqff_to_assert, bool_cases_sqequal, subtype_base_sq, bool_subtype_base, assert-bnot, less_than_wf, pv11_p1_preempted'send_wf, assert_wf, sq_stable__has-es-info-type, squash-assert, member_wf, int_subtype_base, make-Msg_wf, pi1_wf_top, bool_cases, not_wf, true_wf, or_wf, pv11_p1_p2b'base_wf, pv11_p1_commander_output_wf, pv11_p1_CommanderState_wf, pv11_p1_CommanderState-classrel, pv11_p1_CommanderStateFun_wf, pv11_p1_decision'broadcast_wf, bag-member-map, eq_int_wf, assert_of_eq_int, assert_of_band, equal-wf-base-T, mk-msg-interface_wf, sq_stable__bag-member, pv11_p1_upd_bnum_wf, pv11_p1_main_wf, parallel-classrel-weak, class-at_wf, pv11_p1_Leader_wf, pv11_p1_Acceptor_wf, classrel-at, parallel-class_wf, pv11_p1_SpawnFirstScout_wf, bind-class_wf, pv11_p1_LeaderPropose_wf, pv11_p1_LeaderAdopted_wf, pv11_p1_Commander_wf, pv11_p1_LeaderPreempted_wf, pv11_p1_Scout_wf, on-loc-classrel, pv11_p1_mk_bnum_wf, bind-class-rel-weak, pv11_p1_leader_propose_wf, pv11_p1_propose'base_wf, pv11_p1_LeaderState_wf, pv11_p1_LeaderState-classrel, pv11_p1_LeaderStateFun_wf, pv11_p1_leader_adopted_wf, pv11_p1_adopted'base_wf, pv11_p1_CommanderNotify_wf, pv11_p1_CommanderOutput_wf, eo-forward_wf, return-loc-bag-class-classrel, pv11_p1_p2a'broadcast_wf, pair-eta, once-classrel-weak, pv11_p1_leader_preempted_wf, pv11_p1_preempted'base_wf, pv11_p1_ScoutNotify_wf, pv11_p1_ScoutOutput_wf, pv11_p1_p1a'broadcast_wf, pv11_p1_AcceptorsP1a_wf, pv11_p1_AcceptorsP2a_wf, pv11_p1_p1b'send_wf, pv11_p1_p1a'base_wf, pv11_p1_AcceptorState_wf, pv11_p1_AcceptorState-classrel, pv11_p1_AcceptorStateFun_wf, pv11_p1_p2b'send_wf, pv11_p1_p2a'base_wf, member-eo-forward-E, es-first_wf2, no-prior-classrel_wf, sq_or_wf, es-le_wf, list-subtype-bag, map_wf, bag-member-append, bag-member-filter, bnot_wf, bl-exists_wf, pv11_p1_in_domain_wf, assert_of_bnot, pv11_p1_update_proposals_wf, pv11_p1_pmax_wf, pv11_p1_lt_bnum_wf, filter_wf5, pv11_p1_is_bnum_wf, and_wf, assert-name_eq, assert-bl-exists, l_exists_wf, l_exists_iff, eo-forward-loc, eo-forward-first2, eo-forward-no-prior-classrel, no-classrel-in-interval_wf, es-info-type_wf, subtype_rel_product, top_wf, subtype_top, subtype_rel_transitivity, es-le-loc, decidable__es-le

Latex:
(\mforall{}[loc:Id]. \mforall{}[accpts:bag(Id)]. \mforall{}[Cmd:\{T:Type| valueall-type(T)\} ]. \mforall{}[mf:pv11\_p1\_headers\_type\{i:l\}(Cmd)]. \mforall{}[es:EO+(Message(mf))]. \mforall{}[e:E]. \mforall{}[d:\mBbbZ{}]. \mforall{}[i:Id]. \mforall{}[m:Message(mf)]. \{<d, i, m> \mmember{} ((pv11\_p1\_scout\_output(Cmd;accpts;mf) (pv11\_p1\_init\_ballot\_num() loc) o pv11\_p1\_p1b'base(Cmd;mf)) o pv11\_p1\_ScoutState(Cmd;accpts;mf) (pv11\_p1\_init\_ballot\_num() loc))(e) \mLeftarrow{}{}\mRightarrow{} ((header(e) = ``pv11\_p1 p1b``) \mwedge{} has-es-info-type(es;e;mf;Id \mtimes{} pv11\_p1\_Ballot\_Num() \mtimes{} pv11\_p1\_Ballot\_Num() \mtimes{} ((pv11\_p1\_Ballot\_Num() \mtimes{} \mBbbZ{} \mtimes{} Cmd) List))) \mwedge{} ((pv11\_p1\_init\_ballot\_num() loc) = (fst(snd(msgval(e))))) \mwedge{} (d = 0) \mwedge{} (i = loc(e)) \mwedge{} (\mdownarrow{}(((pv11\_p1\_init\_ballot\_num() loc) = (fst(snd(snd(msgval(e)))))) \mwedge{} \#(fst(pv11\_p1\_ScoutStateFun(Cmd;accpts;mf;pv11\_p1\_init\_ballot\_num() loc;es;e))) < pv11\_p1\_threshold(accpts) \mwedge{} (m = make-Msg(``pv11\_p1 adopted``;<pv11\_p1\_init\_ballot\_num() loc , snd(pv11\_p1\_ScoutStateFun(Cmd;accpts;mf;... loc;es;e)) >))) \mvee{} ((\mneg{}((pv11\_p1\_init\_ballot\_num() loc) = (fst(snd(snd(msgval(e))))))) \mwedge{} (m = make-Msg(``pv11\_p1 preempted``;fst(snd(snd(msgval(e))))))))\}) \mwedge{} (\mforall{}[z3:\mBbbZ{}]. \mforall{}[z1:pv11\_p1\_Ballot\_Num()]. \mforall{}[reps,accpts:bag(Id)]. \mforall{}[Cmd:\{T:Type| valueall-type(T)\} ]. \mforall{}[z4:Cmd]. \mforall{}[mf:pv11\_p1\_headers\_type\{i:l\}(Cmd)]. \mforall{}[es:EO+(Message(mf))]. \mforall{}[e:E]. \mforall{}[d:\mBbbZ{}]. \mforall{}[i:Id]. \mforall{}[m:Message(mf)]. \{<d, i, m> \mmember{} ((pv11\_p1\_commander\_output(Cmd;accpts;reps;mf) <z1, z3, z4> o pv11\_p1\_p2b'base(Cmd;mf)) o pv11\_p1\_CommanderState(Cmd;accpts;mf) z1 z3)(e) \mLeftarrow{}{}\mRightarrow{} ((header(e) = ``pv11\_p1 p2b``) \mwedge{} has-es-info-type(es;e;mf;Id \mtimes{} pv11\_p1\_Ballot\_Num() \mtimes{} \mBbbZ{} \mtimes{} pv11\_p1\_Ballot\_Num())) \mwedge{} ((z1 = (fst(snd(msgval(e))))) \mwedge{} (z3 = (fst(snd(snd(msgval(e))))))) \mwedge{} (d = 0) \mwedge{} (\mdownarrow{}((z1 = (snd(snd(snd(msgval(e)))))) \mwedge{} \#(pv11\_p1\_CommanderStateFun(Cmd;accpts;mf;z1;z3;es;e)) < pv11\_p1\_threshold(accpts) \mwedge{} i \mdownarrow{}\mmember{} reps \mwedge{} (m = make-Msg([decision];<z3, z4>))) \mvee{} ((\mneg{}(z1 = (snd(snd(snd(msgval(e))))))) \mwedge{} (i = loc(e)) \mwedge{} (m = make-Msg(``pv11\_p1 preempted``;snd(snd(snd(msgval(e))))))))\}) \mwedge{} (\mforall{}[loc:Id]. \mforall{}[param:pv11\_p1\_Ballot\_Num()]. \mforall{}[accpts:bag(Id)]. \mforall{}[Cmd:\{T:Type| valueall-type(T)\} ]. \mforall{}[mf:pv11\_p1\_headers\_type\{i:l\}(Cmd)]. \mforall{}[es:EO+(Message(mf))]. \mforall{}[e:E]. \mforall{}[d:\mBbbZ{}]. \mforall{}[i:Id]. \mforall{}[m:Message(mf)]. \{<d, i, m> \mmember{} ((pv11\_p1\_scout\_output(Cmd;accpts;mf) (pv11\_p1\_upd\_bnum() param loc) o pv11\_p1\_p1b'base(Cmd;mf)) o pv11\_p1\_ScoutState(Cmd;accpts;mf) (pv11\_p1\_upd\_bnum() param loc))(e) \mLeftarrow{}{}\mRightarrow{} ((header(e) = ``pv11\_p1 p1b``) \mwedge{} has-es-info-type(es;e;mf;Id \mtimes{} pv11\_p1\_Ballot\_Num() \mtimes{} pv11\_p1\_Ballot\_Num() \mtimes{} ((pv11\_p1\_Ballot\_Num() \mtimes{} \mBbbZ{} \mtimes{} Cmd) List))) \mwedge{} ((pv11\_p1\_upd\_bnum() param loc) = (fst(snd(msgval(e))))) \mwedge{} (d = 0) \mwedge{} (i = loc(e)) \mwedge{} (\mdownarrow{}(((pv11\_p1\_upd\_bnum() param loc) = (fst(snd(snd(msgval(e)))))) \mwedge{} \#(fst(pv11\_p1\_ScoutStateFun(Cmd;accpts;mf;pv11\_p1\_upd\_bnum() param loc;es;e))) < pv11\_p1\_threshold(accpts) \mwedge{} (m = make-Msg(``pv11\_p1 adopted``;<pv11\_p1\_upd\_bnum() param loc , snd(pv11\_p1\_ScoutStateFun(Cmd;accpts;mf;... param loc;es;e)) >))) \mvee{} ((\mneg{}((pv11\_p1\_upd\_bnum() param loc) = (fst(snd(snd(msgval(e))))))) \mwedge{} (m = make-Msg(``pv11\_p1 preempted``;fst(snd(snd(msgval(e))))))))\}) \mwedge{} (\mforall{}[Cmd:\{T:Type| valueall-type(T)\} ]. \mforall{}[accpts,ldrs:bag(Id)]. \mforall{}[ldrs$_{uid}$:Id\000C {}\mrightarrow{} \mBbbZ{}]. \mforall{}[reps:bag(Id)]. \mforall{}[mf:pv11\_p1\_headers\_type\{i:l\}(Cmd)]. \mforall{}[es:EO+(Message(mf))]. \mforall{}[e:E]. \mforall{}[d:\mBbbZ{}]. \mforall{}[i:Id]. \mforall{}[m:Message(mf)]. \{<d, i, m> \mmember{} pv11\_p1\_main(Cmd;accpts;ldrs;ldrs$_{uid}$;reps;mf)(e) \mLeftarrow{}{}\mRightarrow{} \mdownarrow{}(loc(e) \mdownarrow{}\mmember{} ldrs \mwedge{} ((((((d = 0) \mwedge{} (m = make-Msg(``pv11\_p1 p1a``;<loc(e), pv11\_p1\_init\_ballot\_num() loc(e)>)\000C) \mwedge{} i \mdownarrow{}\mmember{} accpts) \mwedge{} (\muparrow{}first(e))) \mvee{} ((no ((pv11\_p1\_scout\_output(Cmd;accpts;mf) (pv11\_p1\_init\_ballot\_num() loc(e)) o pv11\_p1\_p1b'base(Cmd;mf)) o pv11\_p1\_ScoutState(Cmd;accpts;mf) (pv11\_p1\_init\_ballot\_num() loc(e))) prior to e) \mwedge{} <d, i, m> \mmember{} \{((pv11\_p1\_scout\_output(Cmd;accpts;mf) (pv11\_p1\_init\_ballot\_num() loc(e)) o pv11\_p1\_p1b'base(Cmd;mf)) o pv11\_p1\_ScoutState(Cmd;accpts;mf) (pv11\_p1\_init\_ballot\_num() loc(e)))\}( e))) \mvee{} (\mexists{}e':\{e':E| e' \mleq{}loc e \} \mexists{}z1:pv11\_p1\_Ballot\_Num() \mexists{}z3:\mBbbZ{} \mexists{}z4:Cmd (((((header(e') = [propose]) \mwedge{} has-es-info-type(es;e';mf;\mBbbZ{} \mtimes{} Cmd)) \mwedge{} ((\muparrow{}(fst(snd(pv11\_p1\_LeaderStateFun(Cmd;ldrs$_{uid}$;mf;es;e\000C'))))) \mwedge{} (\mneg{}\muparrow{}(pv11\_p1\_in\_domain(Cmd) (fst(msgval(e'))) (snd(snd(pv11\_p1\_LeaderStateFun(Cmd;ldrs$_{uid}$;mf;e\000Cs;e'))))))) \mwedge{} (z1 = (fst(pv11\_p1\_LeaderStateFun(Cmd;ldrs$_{uid}$;mf;es;e'\000C)))) \mwedge{} (<z3, z4> = msgval(e'))) \mvee{} (((header(e') = ``pv11\_p1 adopted``) \mwedge{} has-es-info-type(es;e';mf;pv11\_p1\_Ballot\_Num() \mtimes{} ((pv11\_p1\_Ballot\_Num() \mtimes{} \mBbbZ{} \mtimes{} Cmd) List))) \mwedge{} ((fst(msgval(e'))) = (fst(pv11\_p1\_LeaderStateFun(Cmd;ldrs$_{uid\mbackslash{}f\000Cf7d$;mf;es;e')))) \mwedge{} ((<z3, z4> \mdownarrow{}\mmember{} snd(snd(pv11\_p1\_LeaderStateFun(Cmd;ldrs$_{uid}\mbackslash{}\000Cff24;mf;es;e'))) \mwedge{} (\mneg{}(\mexists{}p2:Cmd. (<z3, p2> \mmember{} pv11\_p1\_pmax(Cmd;ldrs$_{uid}$) \000C(snd(msgval(e'))))))) \mvee{} (\mexists{}v2:pv11\_p1\_Ballot\_Num() (<v2, z3, z4> \mdownarrow{}\mmember{} snd(msgval(e')) \mwedge{} (\mneg{}(\mexists{}z5:pv11\_p1\_Ballot\_Num(). \mexists{}z8:Cmd. ((\muparrow{}(v2 ... ...)) \mwedge{} ...)))))) \mwedge{} ...)) \mwedge{} ...))) \mvee{} ...)) \mvee{} ...\}) Date html generated: 2015_07_23-PM-04_41_26 Last ObjectModification: 2015_02_04-AM-08_58_16 Home Index